public UserDto Add(UserDto dto, string initialPassword, int?byUserId = null)
 {
     try
     {
         _unitOfWork.Begin();
         var user = new User();
         pushUpdatableUserProfileToModel(user, dto);
         validatePassword(initialPassword);
         // these properties are only set once upon user creation
         user.CreatedAt    = DateTime.UtcNow;
         user.Salt         = _cipherService.GenerateSalt();
         user.PasswordHash = _cipherService.ComputeSHA256Hash(initialPassword, user.Salt);
         // default to just a viewer
         dto.Roles = new List <TypeOfUserRole>()
         {
             TypeOfUserRole.Viewer
         };
         validateUserModel(user, dto.Roles);
         if (UserExists(dto.Username))
         {
             throw new ApplicationException($"The username {dto.Username} has already been taken.  Please either register with another username or login if you have already registered.");
         }
         user = _userRepository.Add(user);
         setUserRoles(user, dto.Roles);
         var newUserDto = _mapper.Map <User, UserDto>(user);
         _unitOfWork.Commit();
         // _userRepository.AddSystemLogEntry(byUserId, "Created user " + newUserDto.FullName);
         return(newUserDto);
     }
     catch (Exception ex)
     {
         _unitOfWork.Rollback();
         // _logger.Error("Error during user addition", ex);
         throw;
     }
 }